package cn.edu.njust.epms.interceptor;

import cn.edu.njust.epms.common.Resp;
import cn.edu.njust.epms.entity.User;
import com.alibaba.fastjson.JSONObject;
import org.springframework.core.annotation.Order;
import org.springframework.web.servlet.HandlerInterceptor;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
//@Order(214783647)
public class UserInterceptor implements HandlerInterceptor {
    @Override
    public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
        User user = (User) request.getSession().getAttribute("user");
//        if("OPTIONS".equals(request.getMethod().toUpperCase()))
//            return true;
        if(user!=null && user.getuSts()==2){//部分功能仅限管理员使用
            return true;
        }
        response.setContentType("application/json;charset=utf-8");
        response.setCharacterEncoding("UTF-8");
        String s = JSONObject.toJSONString(Resp.error("没有访问权限"));
        response.getWriter().write(s);
        return false;
    }
}
